#IoTBuild

Luc Verhelst

Leading Digital and ISACA certified Risk Adviser

CIO at Metallo Group

The CIO's IoT attention points on Enterprise Architecture and IT Risk:

An effective approach when going digital and integrating the world of IT and OT

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

2

#IoTBuild

Luc Verhelst is an experienced CIO, Digital Consultant and IT Risk Adviser .

Luc is currently holding the position as CIO for Metallo group.

Before that he was CIO of the EMA, the European Medicines Agency, based in London, responsible for the supervision of medicines inside Europe.

Previously Luc held different leading CIO roles in leading companies in finance, media, healthcare and logistics.

Luc is also the honorary chairman of MIT-Club, leading Belgian CIO community exchanging valuable CIO knowledge and experiences.

Luc is ISACA certified (CGEIT) and specialised inDigital Strategies with focus on IT governance, Architecture and specifically the IT Risk domain.

BIO: Luc Verhelst

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

4

#IoTBuild

54%

54%

#IoTBuild

#IoTBuild

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

8

#IoTBuild

#IoTBuild

In the Industry 4.0 era the world of OT and IT are coming together

#IoTBuild

#IoTBuild

#IoTBuild

#IoTBuild

#IoTBuild

#IoTBuild

#IoTBuild

Data is your most important resource

#IoTBuild

The Challenge: The Amount of Data

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

19

#IoTBuild

Accenture 20

Many models circulate, from smaller players to the Big Ones

#IoTBuild3 mei 2016 21

PWC

#IoTBuild3 mei 2016

22

The McKinsey Digital Compass

The McKinsey Digital Compass

#IoTBuild

Bain & Company

#IoTBuild3 mei 2016 24

Often focused on prototyping, measuring and demonstrating value

Accenture

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

25

#IoTBuild

Enterprise Architecture Framework

Business

Application Architecture

Technical Architecture

Infrastructure Architecture

Data

Risk

Pro

ject

Mgm

t

#IoTBuild

The primary obstacle to effective organizational change is cultural.

Well-implemented processes are the product of a broad, multidimensional strategy, led by process owners.

Management must be prepared to adopt a “virtual” matrix organization.

Aligning a traditional, hierarchical organization along process lines requires more than modifying an organization chart.

It is a way of institutionalizing new working relationships across lateral organizational boundaries.

Process ownership is a role that must be filled by an individual or team to oversee the crossfunctionaleffectiveness of the process.

#IoTBuild

Not a lot of POC’s really become successfullWho do most IoT projects fail?• People & culture

• Poor collaboration between IT, OT and Business

• Culture that focuses too much on Technology

• Lack of Expertise

• Process – going it alone• What looks good on paper proves to be too difficult

• Tie success with the Business• Go with hard numbers, go for ROI within 1-2 years

• Provide easy systems, “operational centric”

• Get Value from Data and

• From the People…

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

29

#IoTBuild

IT’s all about Processes, Data and Architecture

#IoTBuild

• The global vision drives our enterprise architecture, which processes touch which data?

• In our vision OT data (eg PLC) and IT data (MES, ERP) are both to be considered as information, preferably combined

How do we manage, manipulate & secure

the data in our applications and on our

servers?

What type of data can/should we have or

provide/publish?

How can we get maximal value out of this

data?

31

A global vision on Information Management

#IoTBuild32

BIREPORTING

Network

One Enterprise Architectue:

• Application architecure• Data architecture (common

definitions, all aligned)• Security architecture• Infrastracture architecure

(common network, datacenter, servers)

Application architecturebased on ISA95

Datacenter and servers

Electricity

The ISA95 view on application architecture

#IoTBuild

Agenda• IIoT and Industry 4.0, where suddenly does this Fuss come from?

• But why should the CIO embrace going Digital?

• The Industry 4.0 Frameworks and Methodologies

• The Project Failure and Enterprise Architecture Challenges

• IT’s all about the Data: Architecture and Applications

• IT Risk aspects – the forgotten Challenge?

• Wrap-up / Q&A

33

#IoTBuild

Overall IT security concept influenced by many different business inputs

34

#IoTBuild

A possible IT security framework

35

#IoTBuild

IT security roadmap implemented over time

Phase 1Foundation

Phase 2Growth

Phase 3FinalisePreparation phase

Start NOW InitialiseAddress vulnerabilitiesSecurity PolicyInformation classificationOther initiatives Extended Policy

Initiative NInitiative N+1Initiative N+2

Further intitiatives………

#IoTBuild

Questions?

Thank you